It helps to maintain uniform settings across terminal servers and the server settings can be changed at one place rather than doing it to individual servers. Only authentic administrators can change the settings and the process is extremely flexible. This is a granular application.
The group policies require an active directory and it should have the rights and skills to edit a GPO. For different settings on different servers there is a requirement of multiple GPOs or extensive filtering.
Terminal Access Controller Access Control System or TACACS is a protocol that provides access control to various applications like network servers, routers and other devices related to computing. The protocol provides unique services related to accounting, authorization and authentication. TACACS+ is a product of CISCO. TACACS+ uses TCP and is used on widespread networks. TACACS provides great security and uses TCP which are its advantages however the disadvantages include weakness towards Birthday Attacks, buffer overflow and is also not very safe against packet sniffing.
RADIUS uses UDP and therefore if TCP is required then TACACS is the right option, moreover RADIUS is vulnerable to buffer overflow attacks however TACACS is not. Kerberos on the other hand uses encryption key (SSO) single sign on to provide authentication and it is primarily the secured option for communication between client ad KDC server however TACACS is required as an overall server to network authentication protocol.